PHP 클래스 Nette\Security\Permission

This solution is mostly based on Zend_Acl (c) Zend Technologies USA Inc. (http://www.zend.com), new BSD license
저자: David Grudl
상속: extends Nette\Object, implements Nette\Security\IAuthorizator
파일 보기 프로젝트 열기: nette/security 1 사용 예제들

공개 메소드들

메소드 설명
addResource ( $resource, $parent = NULL ) : self Adds a Resource having an identifier unique to the list.
addRole ( $role, $parents = NULL ) : self Adds a Role to the list. The most recently added parent takes precedence over parents that were previously added.
allow ( $roles = self::ALL, $resources = self::ALL, $privileges = self::ALL, $assertion = NULL ) : self Allows one or more Roles access to [certain $privileges upon] the specified Resource(s).
deny ( $roles = self::ALL, $resources = self::ALL, $privileges = self::ALL, $assertion = NULL ) : self Denies one or more Roles access to [certain $privileges upon] the specified Resource(s).
getQueriedResource ( ) : mixed Returns real currently queried Resource. Use by assertion.
getQueriedRole ( ) : mixed Returns real currently queried Role. Use by assertion.
getResources ( ) : array Returns all Resources.
getRoleParents ( $role ) : array Returns existing Role's parents ordered by ascending priority.
getRoles ( ) : array Returns all Roles.
hasResource ( $resource ) : boolean Returns TRUE if the Resource exists in the list.
hasRole ( $role ) : boolean Returns TRUE if the Role exists in the list.
isAllowed ( $role = self::ALL, $resource = self::ALL, $privilege = self::ALL ) : boolean Returns TRUE if and only if the Role has access to [certain $privileges upon] the Resource.
removeAllResources ( ) : self Removes all Resources.
removeAllRoles ( ) : self Removes all Roles from the list.
removeAllow ( $roles = self::ALL, $resources = self::ALL, $privileges = self::ALL ) : self Removes "allow" permissions from the list in the context of the given Roles, Resources, and privileges.
removeDeny ( $roles = self::ALL, $resources = self::ALL, $privileges = self::ALL ) : self Removes "deny" restrictions from the list in the context of the given Roles, Resources, and privileges.
removeResource ( $resource ) : self Removes a Resource and all of its children.
removeRole ( $role ) : self Removes the Role from the list.
resourceInheritsFrom ( $resource, $inherit, $onlyParent = FALSE ) : boolean Returns TRUE if $resource inherits from $inherit. If $onlyParents is TRUE, then $resource must inherit directly from $inherit.
roleInheritsFrom ( $role, $inherit, $onlyParents = FALSE ) : boolean Returns TRUE if $role inherits from $inherit. If $onlyParents is TRUE, then $role must inherit directly from $inherit.

보호된 메소드들

메소드 설명
setRule ( $toAdd, $type, $roles, $resources, $privileges, $assertion = NULL ) : self Performs operations on Access Control List rules.

비공개 메소드들

메소드 설명
checkResource ( $resource, $need = TRUE ) : void Checks whether Resource is valid and exists in the list.
checkRole ( $role, $need = TRUE ) : void Checks whether Role is valid and exists in the list.
getRuleType ( $resource, $role, $privilege ) : mixed Returns the rule type associated with the specified Resource, Role, and privilege.
getRules ( $resource, $role, $create = FALSE ) : array | null Returns the rules associated with a Resource and a Role, or NULL if no such rules exist.
searchRolePrivileges ( $all, $role, $resource, $privilege ) : mixed Performs a depth-first search of the Role DAG, starting at $role, in order to find a rule allowing/denying $role access to a/all $privilege upon $resource.

메소드 상세

addResource() 공개 메소드

Adds a Resource having an identifier unique to the list.
public addResource ( $resource, $parent = NULL ) : self
리턴 self

addRole() 공개 메소드

Adds a Role to the list. The most recently added parent takes precedence over parents that were previously added.
public addRole ( $role, $parents = NULL ) : self
리턴 self

allow() 공개 메소드

If $assertion is provided, then it must return TRUE in order for rule to apply.
public allow ( $roles = self::ALL, $resources = self::ALL, $privileges = self::ALL, $assertion = NULL ) : self
리턴 self

deny() 공개 메소드

If $assertion is provided, then it must return TRUE in order for rule to apply.
public deny ( $roles = self::ALL, $resources = self::ALL, $privileges = self::ALL, $assertion = NULL ) : self
리턴 self

getQueriedResource() 공개 메소드

Returns real currently queried Resource. Use by assertion.
public getQueriedResource ( ) : mixed
리턴 mixed

getQueriedRole() 공개 메소드

Returns real currently queried Role. Use by assertion.
public getQueriedRole ( ) : mixed
리턴 mixed

getResources() 공개 메소드

Returns all Resources.
public getResources ( ) : array
리턴 array

getRoleParents() 공개 메소드

Returns existing Role's parents ordered by ascending priority.
public getRoleParents ( $role ) : array
리턴 array

getRoles() 공개 메소드

Returns all Roles.
public getRoles ( ) : array
리턴 array

hasResource() 공개 메소드

Returns TRUE if the Resource exists in the list.
public hasResource ( $resource ) : boolean
리턴 boolean

hasRole() 공개 메소드

Returns TRUE if the Role exists in the list.
public hasRole ( $role ) : boolean
리턴 boolean

isAllowed() 공개 메소드

This method checks Role inheritance using a depth-first traversal of the Role list. The highest priority parent (i.e., the parent most recently added) is checked first, and its respective parents are checked similarly before the lower-priority parents of the Role are checked.
public isAllowed ( $role = self::ALL, $resource = self::ALL, $privilege = self::ALL ) : boolean
리턴 boolean

removeAllResources() 공개 메소드

Removes all Resources.
public removeAllResources ( ) : self
리턴 self

removeAllRoles() 공개 메소드

Removes all Roles from the list.
public removeAllRoles ( ) : self
리턴 self

removeAllow() 공개 메소드

Removes "allow" permissions from the list in the context of the given Roles, Resources, and privileges.
public removeAllow ( $roles = self::ALL, $resources = self::ALL, $privileges = self::ALL ) : self
리턴 self

removeDeny() 공개 메소드

Removes "deny" restrictions from the list in the context of the given Roles, Resources, and privileges.
public removeDeny ( $roles = self::ALL, $resources = self::ALL, $privileges = self::ALL ) : self
리턴 self

removeResource() 공개 메소드

Removes a Resource and all of its children.
public removeResource ( $resource ) : self
리턴 self

removeRole() 공개 메소드

Removes the Role from the list.
public removeRole ( $role ) : self
리턴 self

resourceInheritsFrom() 공개 메소드

Returns TRUE if $resource inherits from $inherit. If $onlyParents is TRUE, then $resource must inherit directly from $inherit.
public resourceInheritsFrom ( $resource, $inherit, $onlyParent = FALSE ) : boolean
리턴 boolean

roleInheritsFrom() 공개 메소드

Returns TRUE if $role inherits from $inherit. If $onlyParents is TRUE, then $role must inherit directly from $inherit.
public roleInheritsFrom ( $role, $inherit, $onlyParents = FALSE ) : boolean
리턴 boolean

setRule() 보호된 메소드

Performs operations on Access Control List rules.
protected setRule ( $toAdd, $type, $roles, $resources, $privileges, $assertion = NULL ) : self
리턴 self